Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2781

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2006-2781
Last Modified 07 Mar 2011 09:37:00
Published 02 Jun 2006 03:02:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-2781

Summary

Double free vulnerability in nsVCard.cpp in Mozilla Thunderbird before 1.5.0.4 and SeaMonkey before 1.0.2 allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via a VCard that contains invalid base64 characters.

Vulnerable Systems

Application

  • Mozilla Seamonkey 1.0.1

  • Mozilla Thunderbird 1.5.0.3


References

XF - mozilla-vcard-doublefree-memory-corruption(26850)

VUPEN - ADV-2006-3749

VUPEN - ADV-2006-2106

UBUNTU - USN-323-1

UBUNTU - USN-297-3

UBUNTU - USN-297-1

BID - 18228

HP - SSRT061236

HP - HPSBUX02156

BUGTRAQ - 20060602 rPSA-2006-0091-1 firefox thunderbird

REDHAT - RHSA-2006:0611

REDHAT - RHSA-2006:0594

REDHAT - RHSA-2006:0578

SUSE - SUSE-SA:2006:035

CONFIRM - http://www.mozilla.org/security/announce/2006/mfsa2006-40.html

MANDRIVA - MDKSA-2006:146

GENTOO - GLSA-200606-21

DEBIAN - DSA-1134

DEBIAN - DSA-1118

SECTRACK - 1016214

SECUNIA - 22065

SECUNIA - 21631

SECUNIA - 21607

SECUNIA - 21336

SECUNIA - 21324

SECUNIA - 21269

SECUNIA - 21210

SECUNIA - 21183

SECUNIA - 21178

SECUNIA - 21134

SECUNIA - 20709

SECUNIA - 20394

SECUNIA - 20382

REDHAT - RHSA-2006:0609


Last Updated: 27 May 2016 10:42:46